Method for determining mobile device password settings based on acceleration information

ABSTRACT

Methods, devices, and systems are disclosed for altering a mobile electronic device&#39;s screen timeout based on an acceleration event. A ringtone can be altered in addition to the password timeout time. Historical accelerations may be recognized and the time out can be adjusted based on the determined risk associated acceleration.

CROSS-REFERENCES TO RELATED APPLICATIONS

This application is related to and incorporates by reference for allpurposes the full disclosure of co-pending U.S. patent application Ser.No. 13/434,481, filed concurrently herewith, entitled “METHOD FORDETERMINING MOBILE DEVICE PASSWORD SETTINGS BASED ON WIRELESS SIGNALINFORMATION”; co-pending U.S. patent application Ser. No. 13/434,501,filed concurrently herewith, entitled “METHOD FOR DETERMINING MOBILEDEVICE PASSWORD SETTINGS BASED ON WIRELESS SIGNALS”; and co-pending U.S.patent application Ser. No. 13/434,536, filed concurrently herewith,entitled “METHOD FOR DETERMINING MOBILE DEVICE PASSWORD SETTINGS BASEDON CHECK-IN INFORMATION”.

BACKGROUND

1. Field of the Invention

In general, embodiments of the present invention relate to informationsecurity in mobile electronic devices and, in particular, to adjustingscreen timeouts of mobile devices based on RF and other measurements ofand/or at their locations.

2. Description of the Related Art

Computing devices have gotten more powerful, more portable, and moreintuitive to use. Corporations and consumers alike have adoptedhigh-tech devices in their businesses and personal lives. Many have cometo rely heavily on their portable computing devices, such as smartphones, personal data assistants (PDAs), laptop computers, etc.

As the digital age progresses, some have come to recognize that acomputing device itself is often no longer the most important asset toan individual or company, but rather that the data stored on the deviceis the most important asset. The information often carries a value manytimes the physical device. To illustrate the value of data over thephysical hardware, we note that forward-looking businesses frequentlyuse whole disk encryption and basic input/output system (BIOS)-levelpasswords to achieve such goals.

Portable and mobile devices, especially work- and business-relateddevices, often contain sensitive information. A password with a timeoutis commonly used to prevent a lost or stolen smart phone or otherelectronic device from leaking such data. After the device is ‘idle’ fora defined timeout period, the system locks itself down. Furtherinteraction with the device often requires password entry.

Frequent entering of passwords after a device lock-down is generallyviewed by users as a nuisance, albeit a necessary one to protectinformation on their devices. Users generally prefer the timeoutintervals to be relatively long so that they do not have to enterpasswords as often.

Information Technology (IT) department policies of businesses oftenrequire that the timeout intervals be relatively short for the devicesthat the IT department services. This reduces the risk that anunauthorized user, such as a thief, could get access to data on a mobiledevice or enter the company's computers through the device.

In setting timeout periods for devices, an IT department should weighthe risks of theft and unauthorized entry with the convenience andusability of its devices. Some users have relatively little access tocompany data through their devices and therefore need less protection.These users may be rather numerous, so the opportunity for loss or theftmay be great. Some users have relatively unimpeded access to companydata through their devices and therefore need more protection. Although,these users may be few. Many IT department policies call for a standard,minimum timeout interval (e.g., 5 minutes) on certain devices; some ITdepartments set different intervals depending on the roles of the users.

Some have attempted to tackle the problem of password-inconvenience bymaking the entry of a password or other authentication as streamlined aspossible. For example, devices that incorporate fingerprint readers orother biometric readers can sometimes be faster at authenticating a userthan a traditional password entry. However, these systems often requireextra hardware. They are not foolproof, and they sometimes have a backuppassword entry system in case the special hardware breaks or a person'sbiometric is corrupted (e.g., a cut on a finger).

There is a need in the art for more convenience involvingpassword-protected timeouts.

BRIEF SUMMARY

Methods, devices, and systems are disclosed for altering a mobileelectronic device's screen timeout interval based on measurements at orof a location of the mobile device. A number of distinct, ambientwireless signals can be measured and then a timeout interval adjusteddownwards when there are more such signals. In addition to geo-location,a check-in of a wireless device to certain location can indicate thenumber and type of nearby venues. If those venues are considered havensfor theft, then timeouts can be adjusted downward. A user can tagspecific locations as being more risky, or less risky, than others.Audio noise measured through a cellular phone's microphone can also beused to determine whether an area is crowded with people and timeoutscan be adjusted. In addition to or alternatively, a ringtone of a mobilephone can be adjusted based on the risk it senses.

In some applications, an identity badge and a mobile device can belinked so that mobile device can adjust its timeout settings based onits distance from the badge. If an employee leaves his or her mobiledevice on a desk and walks away, it can shrink its timeout intervalbased on a lack of response from a radio frequency identification (RFID)tag in the badge.

Embodiments of the present invention relate to a method for securing amobile device. The method includes measuring a number of distinct,ambient wireless signals or strength of ambient wireless signals near amobile device, determining a risk of theft of the mobile device based onthe measurement, and setting a timeout time for the device based on thedetermined risk.

The method can include determining a number of wireless hotspotsavailable, identifying nearby venues based on a check-in of the deviceto a particular geographic location, and/or looking up crime statisticsfor a particular geographic location in order to determine the relevantrisk. A ringtone can be altered in a cellular phone based on the risk.

An embodiment relates to a method for securing a mobile device. Themethod includes measuring an existence of or a strength of a signal froma radio frequency identification (RFID) tag, determining a risk of theftof the mobile device based on the measurement, and setting a timeouttime for the device based on the determined risk.

The RFID tag can be embedded inside or otherwise connected with a badge.Other wirelessly activated tags are envisioned.

An embodiment relates to a badge system, including a badge having aradio frequency identification (RFID) tag and a machine-readabletangible storage medium embodying information indicative of instructionsfor causing one or more machines to perform operations. The operationsinclude measuring an existence of or a strength of a signal from theRFID tag, determining a risk of theft of the mobile device based on themeasurement, and setting a timeout time for the device based on thedetermined risk.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 illustrates an accelerated time-out of a smart phone inaccordance with an embodiment.

FIG. 2 illustrates a default time-out of a smart phone in accordancewith an embodiment.

FIG. 3 illustrates a delayed time-out of a smart phone in accordancewith an embodiment.

FIG. 4 illustrates a time-out setting interface for distinct risk modesin accordance with an embodiment.

FIG. 5 illustrates a time-out setting interface for risk associated withdistances in accordance with an embodiment.

FIG. 6 illustrates a time-out setting interface for risk associated witha number of ambient wireless signals in accordance with an embodiment.

FIG. 7 illustrates a time-out setting interface for risk associated withlocal crime statistics in accordance with an embodiment.

FIG. 8 illustrates an interface for entering geographic positions inaccordance with an embodiment.

FIG. 9 illustrates a map of geographic positions for a corporate campusin accordance with an embodiment.

FIG. 10 illustrates a map of geographic positions for a residence inaccordance with an embodiment.

FIG. 11 illustrates a badge distance determination in accordance with anembodiment.

FIG. 12 is a flowchart of a process in accordance with an embodiment.

FIG. 13 is a flowchart of a process in accordance with an embodiment.

FIG. 14 illustrates a computer system suitable for implementing anembodiment.

DETAILED DESCRIPTION

Generally, methods, devices, and systems are disclosed for altering amobile electronic device's display timeout interval based onmeasurements at or of the location of the mobile device. The intensity,quality, and/or number of ambient wireless signals can be measured todetermine a risk for a particular area. A timeout period for the devicecan be adjusted upward for low risk areas (e.g., at home in the suburbs)or adjusted downward for high risk areas (e.g., in a crowded urbanplaza). The geographic location of a device can be determined using anembedded global positioning system (GPS) antenna and associatedcircuitry and/or auxiliary sensors, such as accelerometers.

A check-in of the device to a location-based social networking web site,such as the Foursquare® web site, can be used to determine what venue(s)the device is nearby. If the nearby venue(s) are statisticallycrime-ridden, known by others as risky, have been identified has havinga crowd (such as having large number of people who have checked-in orreceiving an identifier for a crowd, such as a badge), or tagged by theuser or his friends as risky, then a timeout on the device can beautomatically adjusted accordingly. A check-in may be performed byoperations that include a GPS request, scanning a code with a camera,selecting a location on a map using geocoding, audio information (suchas a concert) and/or a manual selection of a venue from a list.Subsystems that aid in check-in may be monitored such that theinformation is reported to the social networking website and a smartphone locking subsystem. The monitoring may include accesses to alibrary, such as a visual scanning library used to scan codes. In someembodiments, geocoding and/or reverse geocoding may be used to convertcoordinates to a venue. In other embodiments, a location-based socialnetworking site may report check-ins to the mobile device.

Audio noise, measured through a microphone operatively connected withthe device, can be used to determine if the device is in the midst of acrowd. When there are more people around, generally there exists agreater risk of theft. Thus, a timeout on the device can be adjustedaccordingly.

Some places like work or home have less risk of theft than at, forexample, industry conferences, which can be crawling with directcompetitors. At places of less risk, the frequent entering of thesecurity password becomes a nuisance. However at places of high risk,such as conferences, a 30 second timeout may be critical and extremelyhelpful to prevent information from falling in to the wrong hands.

In the prior art, a simple use case of securing a device could enable anauto-lockout to kick in within a few seconds of the last action. Whilesecure, in the sense that it would be highly unlikely for a device whichhas been dropped or lost to be compromised since the auto-lockout wouldhave kicked in, the primary owner would find such behavior anuisance—and hinder typical use. Because of this, many users havelockout timeouts that are fairly lengthy. However, with the increasedlength of the idle-detection, the risk increases.

An embodiment enables a user to automatically set timeouts based on thecontext of the environment, the context provided by its geographiclocation. A user at work may feel fairly comfortable about a mediumlength timeout. When the user is at home, the auto-lockout timeout maybe significantly longer. However, when the user goes from the workplaceto lunch, or on a business trip, the invention can automatically,without immediate human intervention, change the default timeout to asetting more appropriate to the risk being posed.

A setting screen can be utilized that enables a user to set thegeographic location, radius or bounding box, and auto-lockout timing.For corporate-owned devices, a central IT department can push known,established locations (e.g., a campus comprised of multiple buildingswith parking lots and open space in-between) to devices. The settingscreen can enable multiple environments to be created and managed.

An example of settings for a mobile device used within a corporateenvironment may include:

1. “Building A”, defined by a geographic bounding box of the tuple:(min-latitude, min-longitude), (max-latitude, max-longitude), auto-locktimeout: 15-minutes

2. “Building B”, defined by a geographic bounding box of the tuple:(min-latitude, min-longitude), (max-latitude, max-longitude), auto-locktimeout: 15-minutes

3. “Building C”, defined by a geographic bounding box of the tuple:(min-latitude, min-longitude), (max-latitude, max-longitude), auto-locktimeout: 15-minutes

4. “Home”, defined by a geographic center and radius of(central-latitude, central-longitude, 40 meters), auto-lockout timeout:1 hour

5. “Elsewhere”, defined as not falling in to one of the above areas,auto-lockout timeout: 30 seconds.

Timeouts can be triggered by a rule affected by the geo-location. If amobile device were in the “Home” environment, idle for 20 minutes, andmoved outside the radius (and assuming that the work environmentsdefined by Buildings A-C are not overlapping), the “Elsewhere” rulesetcan kick in and calculate that the time since idle has exceeded the30-seconds, and thus instantaneously auto-lock. An indicator of themobile device may, such as an indicator light, may display an indicationof the current ruleset. For example, a “Home” ruleset may use a solidgreen light, while an “Elsewhere” ruleset may cause the indicator toflash red.

In some embodiments, once locked, moving back in to a different zonedoes not “un-lock” the device, even if the rule determines that it wouldhave remained unlocked. One reason for this behavior is to increasesecurity and deter a potential scenario where a lost device is foundshortly after exiting the pre-defined area, and slightly outside thepre-set area.

It can also be assumed that the locked state also prohibits access tothe settings screen, including the portions that enable the creation andmanagement of new zones in the context of this invention.

Considerations can also be given to people who may occupy spaces at ornear the edge of the defined boundary. Geographic positioningtechnologies, while accurate in most cases can sometimes drift orreflect a position slightly outside the person's real location. A personsitting in a corner office may find it annoying if the locationtemporarily jumps outside the corporate building, e.g., “Building A”,and the ruleset “Elsewhere” when the 30-second auto-lock kicks in.

To assist in this scenario, a geographic positioning location may beaugmented by dead-reckoning technologies, such as accelerometers, toprovide an effective “location,” with the centroid reflecting the actualposition.

An example of dead-reckoning assistance is:

1. A person sits in a corner office in “Building A” in a corporateenvironment.

2. GPS technology is used to determine the location.

3. An accelerometer on board the device detects that the device has notmoved.

4. GPS locations constantly accumulate, and a centroid is calculated.

5. At times, the instantaneous GPS location reading may reflect that theposition is outside the “Building A” bounding box, however, based on theaccumulated GPS centroid location, and information that the device hasnot been moved enough (based on integrating the accelerometer readings),the final determined location remains at the centroid, and therefore, weenable this user to reap the convenience benefits of working in the“Building A” environment, with the full timeout of 15-minutes.

Technical advantages of embodiments of the invention are many. Existingsensors, such as a radio frequency (RF) antenna and audio microphone ona mobile phone, can be used to determine whether a device is in apopulous area. Such areas are often associated with higher risk levelsof theft; therefore, a timeout interval on a device can be automaticallyadjusted accordingly. In conjunction with such on-board sensors,off-board data, such as local crime statistics and user tagging, can beused to modify the risk. A ringtone of a phone can indicate to the userthe risk level of theft that a phone determines it is being subjected.This feedback can inform the user to protect the device as well as otherbelongings in instances where the user may have forgotten about suchrisks. IT departments can customize geographic areas of risk for acompany and then push those area definitions out to users so that usersdo not have to enter them separately. In some instances, feedbackprovided to a user in the form of a shorter timeout can inform the userthat he or she is in a risky area, according to a corporate ITdepartment. In addition, a user may be encouraged to leave his or hermobile device safely at the office instead of carrying it with him orher on personal errands because the device's accelerated timeout makesit less usable, more inconvenient in other areas.

In one embodiment, detected accelerations may be used to determine arisk of theft of a mobile device. A brief acceleration at the speed ofgravity followed by a more sudden jolt can imply that a mobile devicehas been dropped. A sudden jolt or stop may include 200 or more timesthe force and/or acceleration of gravity. Using these accelerationevents, the mobile device sets a time out on its determination ofwhether a fall has occurred or not. In one embodiment, a history ofaccelerations and/or timeframes of accelerations may be tracked. Forexample, the mobile device can determine that everyday between 6 pm and7 pm, it receives a similar acceleration event. This event may be tiedto the fact that a user drops the mobile device in a basket every dayupon a return home. Thus, a repeated event may not trigger a decrease intime out time. In some embodiments, the acceleration events may beclassified into different types of events. For example, an accelerationeven may be classified into a controlled event or an uncontrolled event.A controlled event may include a placement of a device onto a hardsurface where rotation and/or bounce are constrained. An uncontrolledevent may include a fall with a bounce and/or rotation that is notconsistent with a placement.

The risk of theft and/or time out time may be calculated internally orexternally. In some embodiments, a mobile device may provide servicesnecessary to calculate a risk of theft and determine a time out time. Inother embodiments, the mobile device may request updates to information,such as from an IT department on risk assessment, updated time out timesfor different risk levels and/or equation information for determiningrisk and/or time out times. In one embodiment, a mobile device mayrequest information about a location or venue, such as crime statistics,to include in the calculation. In some embodiments, the mobile devicemay collect information and send the information to a remote serversystem to process and return a time out.

FIG. 1 illustrates an accelerated time-out of a smart phone inaccordance with an embodiment. Smart phone 101 includes display 102,which is locked. In screen area 105, display 102 highlights to the userthat the lock was accelerated. In area 104, display 102 informs the userthat the risk of theft is “HIGH,” and in area 103, the display shows theuser that a large number of distinct, ambient wireless signals is toblame for the determination that it is in a risky area.

For example, the smart phone counts 30 different wireless hotspots andcellular tower channels being used with its embedded antenna 107.Because it is in the midst of this large number of signals, itdetermines that it is in an urban environment where there is more of arisk of it being stolen. The smart phone accelerates its time-outinterval from a default of 5 minutes to a quick 30 seconds beforelocking.

Smart phone 101 can differentiate between known wireless signals andunknown wireless signals. A known wireless signal, such those emittedfrom a wireless access point at home or other family cell phones, can bedetected and the risk assessment decreased. Upon detecting a recognizedsignal, such as from an identifier like a media access control address,the smart phone may decrease its time-out interval from a default 5minutes to 20 minutes before locking.

Smart phone 101 can use accelerometer 108 to further refine its riskassessment. If it is determined that the phone has fallen (out of auser's pocket), then is may be deemed more likely that it is lost.Therefore, the timeout can be adjusted accordingly.

Smart phone 101 can use a user entry to further refine its riskassessment. A user may indicate that he or she intends to stay at acertain location (e.g. a concert) for 2 hours. If the phone is removedfrom the venue before the expiration of the 2 hours, then there is ahigher risk that the phone has been stolen. The timeout can be adjustedaccordingly.

To re-initiate full interaction with the device, a user is prompted inarea 106 of the display to (re-)enter his or her password. A biometricreader can be used in conjunction with or instead of a password.

A “distinct” wireless signal includes a radio frequency signal that ison a different frequency, band, spectrum, channel, or othercommunication protocol as known in the art than another wireless signal.

“Ambient” wireless signals include those signals that exist in a certainlocation at a certain point in time.

FIG. 2 illustrates a default time-out of a smart phone in accordancewith an embodiment. In screen area 203, display 102 shows the user thata moderate number of distinct, ambient wireless signals exists in theenvironment such that smart phone 101 has determined that the risk is“MEDIUM” (as indicated in area 204). Area 205 indicates that thetime-out was at a default setting.

For example, the smart phone counts 10 different wireless hotspots andcellular tower channels being used. Because it is in the midst of thismoderate number of signals, it determines that it is in a suburbanenvironment where there is a normal risk of it being stolen. The smartphone keeps its time-out interval at a default of 5 minutes.

FIG. 3 illustrates a delayed time-out of a smart phone in accordancewith an embodiment. In area 303, display 102 shows the user that a lownumber of distinct, ambient wireless signals exist in the environmentsuch that smart phone 101 has determined that the risk is “LOW” (asindicate in area 304). Area 305 indicates that the time-out was delayedfrom its default setting.

For example, the smart phone counts 1 wireless signal (its own) forcommunication with a cellular tower. Because there are no other devices,and probably few other people around, it determines that it is in arural environment where there is a low risk of it being stolen. Thesmart phone extends its time-out interval to 30 minutes from a defaultof 5 minutes.

In another embodiment, a smart-phone may increase determined risk when adetected signal strength indicates a wireless device is within inches ofanother wireless device. For example, a smart phone may be pick-pocketedfrom an unsuspecting owner. Because the smart phone is placed in apocket with a second wireless phone, the smart phone may detect thestrong signal strength of the second wireless phone, which is above athreshold, and immediately lock the device because of the determinedrisk.

FIG. 4 illustrates a time-out setting interface for distinct risk modesin accordance with an embodiment. In field 410 of interface 400, a usercan set the time-out period for the device when the device is in a highrisk area. In this case, the setting is at 30 seconds. In field 411, auser can set the time-out period for the device when it is in a mediumrisk area. In this case, the setting is at 5 minutes. In field 412, auser can set the time-out period for the device when it is in a low riskarea. The user has set this to “NEVER,” so that a time-out isindefinitely postponed (while in the low risk area). In someembodiments, distinct risk modes can be replaced with continuouslyvariable risk determinations.

FIG. 5 illustrates a time-out setting interface for distances inaccordance with an embodiment. In field 513 of interface 500, a user canset the default time-out period for the device. In this case, thedefault is set at 30 minutes. In field 514, a user can set an amount oftime to be subtracted from the 30 minutes according to a formula. Inthis case, 1 minute can be subtracted. In field 515, a user can set adistance for the formula, here it being 10 meters from a low risk area.In field 516, a user can set the minimum time interval for a time-out.Here, it is set at 30 seconds.

With the settings shown, a time-out period is set at 30 minutes minus 1minute for every 10 meters outside a low risk area, with a minimum of 30seconds. In an example where the device is determined to be 40 metersaway from a low risk area (e.g., in a park across the street from acompany campus), the time-out period is set at:30 minutes−(40 meters)×(1 minute/10 meters)=26 minutes  (Eqn. 1)As another example where the device is determined to be a kilometer(i.e., 1000 meters) away from a low risk area, the timeout period is setat:30 minutes−(1000 meters)×(1 minute/10 meters)=(negative) Therefore: 30seconds  (Eqn. 2)

A timeout period is adjusted linearly in conjunction with the associatedrisk. As a person is farther away from his place of work, the risk oftheft increases proportionately. In the areas immediately surroundingthe person's workplace, the risk can be determined to be a linearfunction of distance from the workplace. The timeout period is adjustedin accordance with the risk. Other (monotonically increasing/decreasing)functions can be used for risk determination with respect to distance.For example a polynomial or exponential function can be used. A timeoutcan trigger if a current timeout period is exceed based on a time sincea last interaction with a device. In one embodiment, once a new timeoutis determined, a device may be locked if the timeout value has beenexceeded. A new determined timeout period does not necessarily reset atimeout counter to zero, but can merely adjust a timeout threshold.

FIG. 6 illustrates a time-out setting interface for ambient wirelesssignals in accordance with an embodiment. In field 613 of interface 600,a user can set the default time-out period for the device. In this case,the default is set at 30 minutes. In fields 614 and 615, a user can setan amount of time to be subtracted from the 30 minutes according to aformula. In this case, 1 minute can be subtracted for every 3 wirelesssignals detected. In field 616, a user can set the minimum time intervalfor a time-out. Here, it is set at 30 seconds.

With the setting shown, a time-out period is set at 30 minutes minus 1minute for every 3 wireless signals detected, with a minimum of 30seconds. In an example where the device detects 22 distinct wirelesssignals, the time-out period is set at:30 minutes−(21 signals)×(1 minute/3 signals)=22.7 minutes  (Eqn. 3)

FIG. 7 illustrates a time-out setting interface for local crimestatistics in accordance with an embodiment. In field 713 of interface700, a user can set the default time-out period for the device. In thiscase, the default is set at 30 minutes. In fields 714 and 715, a usercan set an amount of time to be subtracted from the 30 minutes accordingto a formula. In this case, 1 minute is subtracted for every reportedcrime within 1 mile. In field 716, a user can set the minimum timeinterval for a time-out. Here, it is set at 30 seconds.

With the setting shown, a time-out period is set at 30 minutes minus 1minute for every crime reported within 1 mile, with a minimum of 30seconds. In an example where the device has looked up crime statisticsand found 15 within a one mile radius, the time-out period is set at:30 minutes−(15 crimes)×(1 minute/1 crime)=15 minutes  (Eqn. 4)

FIG. 8 illustrates an interface for entering geographic positions inaccordance with an embodiment. In the figure, the geographic positionsare defined as low risk areas.

In field 820 of interface 800, an IT department administrator canindicate a company name for the relevant company. In field 821, abounded geographic area can be labeled; here it is labeled as “Building100.” Using radio buttons 822, the bounding system can be defined. Inthis case, a rectangle bounding area—or more accurately, a four-sidedpolygon—is selected. In fields 823, the administrator can enter fourcoordinates for the four points of the polygon in order to define therectangle.

In fields 824, another building, “Building 200,” is defined. Building200 may be across the street from, cater-corner to, or far removedBuilding 100. In any event, the buildings can be associated with eachother as one work area with the same amount of risk.

In field 825, a user may wish to label another low risk area, labelingit “Employee Home.” In field 826, the user has input his house, and infield 827 he has selected a circle for the definition of his personallow risk area. In field 828, the user has entered a center point for thecircle, and in field 829 he has entered a radius of the circle. That is,the low risk area for the employee's house is a circular area with thespecified radius centered at the specified latitude and longitude.

FIG. 9 illustrates a map of geographic positions for a corporate campusin accordance with an embodiment. Map 900 can be used to set thegeographic boundaries or simply display the boundaries. Points 923correspond to latitude/longitude coordinate fields 823 (FIG. 8). Asshown, these points may or may not align with an actual corner of abuilding. They can be a simplified perimeter of a building, align withperimeter streets, or not align with any physical structure.

Building 100 boundary 930 and Building 200 boundary 931 can beconsidered one campus of a company. Within the bounds of the areas, amobile device can consider itself in a low risk area. As one walks awayfrom and outside the boundaries, a timeout on the mobile device canadjust itself in accordance with a distance formula, such as that inEqn. 1.

FIG. 10 illustrates a map of geographic positions for a residence inaccordance with an embodiment. In map 1000, geographic area 1032 isdefined by center point 1028 (as entered in center point field 828 ofFIG. 8) and radius 1029 (as entered in radius field 829 of FIG. 8). Inthe figure, the circle is centered in the residential property and itscircumference intercepts the four corners of the property. As in therectangular boundary examples, the circular boundaries do not need toalign with physical features.

Although the embodiments shown are for defining low risk areas, highrisk (and medium risk) areas can be defined in the same way.

FIG. 11 illustrates a badge distance determination in accordance with anembodiment.

System 1100 comprises badge 1133 and mobile device 1101, or the softwareinstalled thereon. Badge 1133 has elements 1134 that identify the badgeowner, such as a photo, name, and barcode, as well as radio frequencyidentification (RFID) chip 1135.

Mobile device 1101 has display 1102 and RFID reader sensor 1137. RFIDreader sensor 1137 interrogates RFID tag 1135 by ‘pinging’ a predefined(set of) frequencies and listening for a response from the tag. Ifdistance 1136 is determined to be greater than a threshold (e.g., 20feet), or if a ping results in no response from RFID tag 1135, thenmobile device 1101 enters an accelerated time-out. This result isdisplayed to the user in area 1105 on display 1102.

In another embodiment, an external device is used to add risk detectionfunctionality to a mobile device 1101. For example, a signal counter andantenna is included in a badge 1133, bracelet or other wearable item.The signal counter and antenna is used to augment the risk detection ofthe mobile device by counting, identifying and/or detecting a strengthof wireless signals in the area. The augmented functionality is reportedback to the mobile device 1101. Using the reported number of signals,identified signals and/or strength of signals, the mobile device maydetermine an appropriate time-out. The signals can also be categorized.In one embodiment, signals are categorized as safe signals, which mayinclude such signals as those produced by known private routers. Signalscan be categorized as more dangerous signals, such as public wirelesshotspots or unknown cellular phone signals.

FIG. 12 is a flowchart illustrating process 1200 in accordance with anembodiment. In operation 1201, settings are received from a centralinformation technology (IT) department of a business organization. Inoperation 1202, a number of distinct, ambient wireless signals, or thestrength of ambient wireless signals near a mobile device, are measured.In operation 1203, a risk of theft of the mobile device is determinedbased on the measurement and the settings. In operation 1204, a timeouttime for the device is set based on the determined risk.

FIG. 13 is a flowchart illustrating process 1300 in accordance with anembodiment. In operation 1301, an existence of or a strength of a signalfrom a radio frequency identification (RFID) tag is measured. Inoperation 1302, a risk of theft of the mobile device is determined basedon the measurement. In operation 1303, a timeout time is set for thedevice based on the determined risk.

The operations may be performed in the sequence given above or indifferent orders as applicable. They can be automated in a computer orother machine and can be coded in software, firmware, or hard coded asmachine-readable instructions and run through one or more processorsthat can implement the instructions.

FIG. 14 illustrates an example of a hardware system suitable forimplementing a device in accordance with various embodiments. This blockdiagram illustrates a computer system 1400, such as a personal computer,video game console and associated display, mobile device, personaldigital assistant, or other digital device, suitable for practicingembodiments of the invention. Computer system 1400 includes a centralprocessing unit (CPU) 1405 for running software applications andoptionally an operating system. CPU 1405 may be made up of one or morehomogeneous or heterogeneous processing cores. Memory 1410 storesapplications and data for use by the CPU 1405. Storage 1415 providesnon-volatile storage and other computer readable media for applicationsand data and may include fixed disk drives, removable disk drives, flashmemory devices, and CD-ROM, DVD-ROM, Blu-ray, HD-DVD, or other opticalstorage devices, as well as signal transmission and storage media. Userinput devices 1420 communicate user inputs from one or more users to thecomputer system 1400, examples of which may include keyboards, mice,joysticks, touch pads, touch screens, still or video cameras, and/ormicrophones. Network interface 1425 allows computer system 1400 tocommunicate with other computer systems via an electronic communicationsnetwork, and may include wired or wireless communication over local areanetworks and wide area networks such as the Internet. An audio processor1430 is adapted to generate analog or digital audio output frominstructions and/or data provided by the CPU 1405, memory 1410, and/orstorage 1415. The audio processor 1430 may be connected to inputs, suchas microphone 1470, and outputs, such as speaker 1475. The components ofcomputer system 1400, including CPU 1405, memory 1410, data storage1415, user input devices 1420, network interface 1425, and audioprocessor 1430 are connected via one or more data buses 1435. Audioprocessor 1430 is connected with microphone 1470.

A graphics subsystem 1440 is further connected with data bus 1435 andthe components of the computer system 1400. The graphics subsystem 1440includes a graphics processing unit (GPU) 1445 and graphics memory 1450.Graphics memory 1450 includes a display memory (e.g., a frame buffer)used for storing pixel data for each pixel of an output image. Graphicsmemory 1450 can be integrated in the same device as GPU 1445, connectedas a separate device with GPU 1445, and/or implemented within memory1410. Pixel data can be provided to graphics memory 1450 directly fromthe CPU 1405. Alternatively, CPU 1405 provides the GPU 1445 with dataand/or instructions defining the desired output images, from which theGPU 1445 generates the pixel data of one or more output images. The dataand/or instructions defining the desired output images can be stored inmemory 1410 and/or graphics memory 1450. In an embodiment, the GPU 1445includes 3D rendering capabilities for generating pixel data for outputimages from instructions and data defining the geometry, lighting,shading, texturing, motion, and/or camera parameters for a scene. TheGPU 1445 can further include one or more programmable execution unitscapable of executing shader programs.

The graphics subsystem 1440 periodically outputs pixel data for an imagefrom graphics memory 1450 to be displayed on display device 1455.Display device 1455 can be any device capable of displaying visualinformation in response to a signal from the computer system 1400,including CRT, LCD, plasma, and OLED displays. Computer system 1400 canprovide the display device 1455 with an analog or digital signal.

In accordance with various embodiments, CPU 1405 is one or moregeneral-purpose microprocessors having one or more processing cores.Further embodiments can be implemented using one or more CPUs 1405 withmicroprocessor architectures specifically adapted for highly paralleland computationally intensive applications, such as media andinteractive entertainment applications.

The components of a system may be connected via a network, which may beany combination of the following: the Internet, an IP network, anintranet, a wide-area network (“WAN”), a local-area network (“LAN”), avirtual private network (“VPN”), the Public Switched Telephone Network(“PSTN”), or any other type of network supporting data communicationbetween devices described herein, in different embodiments. A networkmay include both wired and wireless connections, including opticallinks. Many other examples are possible and apparent to those skilled inthe art in light of this disclosure. In the discussion herein, a networkmay or may not be noted specifically.

In the foregoing specification, the invention is described withreference to specific embodiments thereof, but those skilled in the artwill recognize that the invention is not limited thereto. Variousfeatures and aspects of the above-described invention may be usedindividually or jointly. Further, the invention can be utilized in anynumber of environments and applications beyond those described hereinwithout departing from the broader spirit and scope of thespecification. The specification and drawings are, accordingly, to beregarded as illustrative rather than restrictive.

It should be noted that the methods, systems, and devices discussedabove are intended merely to be examples. It must be stressed thatvarious embodiments may omit, substitute, or add various procedures orcomponents as appropriate. For instance, it should be appreciated that,in alternative embodiments, the methods may be performed in an orderdifferent from that described, and that various steps may be added,omitted, or combined. Also, features described with respect to certainembodiments may be combined in various other embodiments. Differentaspects and elements of the embodiments may be combined in a similarmanner. Also, it should be emphasized that technology evolves and, thus,many of the elements are examples and should not be interpreted to limitthe scope of the invention.

Specific details are given in the description to provide a thoroughunderstanding of the embodiments. However, it will be understood by oneof ordinary skill in the art that the embodiments may be practicedwithout these specific details. For example, well-known circuits,processes, algorithms, structures, and techniques have been shownwithout unnecessary detail in order to avoid obscuring the embodiments.

Also, it is noted that the embodiments may be described as a processwhich is depicted as a flow diagram or block diagram. Although each maydescribe the operations as a sequential process, many of the operationscan be performed in parallel or concurrently. In addition, the order ofthe operations may be rearranged. A process may have additional stepsnot included in the figure.

Moreover, as disclosed herein, the term “memory” or “memory unit” mayrepresent one or more devices for storing data, including read-onlymemory (ROM), random access memory (RAM), magnetic RAM, core memory,magnetic disk storage mediums, optical storage mediums, flash memorydevices, or other computer-readable mediums for storing information. Theterm “computer-readable medium” includes, but is not limited to,portable or fixed storage devices, optical storage devices, wirelesschannels, a sim card, other smart cards, and various other mediumscapable of storing, containing, or carrying instructions or data.

Furthermore, embodiments may be implemented by hardware, software,firmware, middleware, microcode, hardware description languages, or anycombination thereof. When implemented in software, firmware, middleware,or microcode, the program code or code segments to perform the necessarytasks may be stored in a computer-readable medium such as a storagemedium. Processors may perform the necessary tasks.

Having described several embodiments, it will be recognized by those ofskill in the art that various modifications, alternative constructions,and equivalents may be used without departing from the spirit of theinvention. For example, the above elements may merely be a component ofa larger system, wherein other rules may take precedence over orotherwise modify the application of the invention. Also, a number ofsteps may be undertaken before, during, or after the above elements areconsidered. Accordingly, the above description should not be taken aslimiting the scope of the invention.

What is claimed is:
 1. A computer-implemented method for locking a device, comprising: determining, by a mobile device, a first timeout time of the mobile device based at least in part on historical data of accelerations of the mobile device; detecting an event comprising a series of accelerations; determining that the event is indicative of a fall of the mobile device; determining that the fall of the mobile device was an unintentional fall of the mobile device based at least in part on the historical data of accelerations and the series of accelerations; determining an updated timeout time for the mobile device based at least in part on the fall of the mobile device, wherein each timeout time of the mobile device is associated with a risk of theft of the mobile device.
 2. The computer-implemented method of claim 1, further comprising setting a ringtone based at least in part on a risk of theft, the first timeout time or the updated timeout time.
 3. The computer-implemented method of claim 1, wherein the detecting the event comprising the series of accelerations includes detecting a fall followed by a sudden stop.
 4. The computer-implemented method of claim 1, wherein the detecting the event comprising the series of accelerations includes detecting a fall followed by a temporary stop and a bounce.
 5. The computer-implemented method of claim 1, further comprising setting an indicator light based at least in part on a risk of theft, the first timeout time or the updated timeout time.
 6. The computer-implemented method of claim 1, further comprising downloading information technology settings, the information technology settings providing settings for determining a risk of theft, the first timeout time, or the second timeout time.
 7. The computer-implemented method of claim 1, wherein calculating a risk of theft of the mobile device further comprises analyzing the series of accelerations to determine that the series of accelerations match a prior series of accelerations indicative of a user habit; and influencing the risk of theft to a value representing less risk than if the match had not occurred.
 8. A mobile device locking system, comprising: an accelerometer subsystem for determining an acceleration event; a historical analysis subsystem configured to compile historical data of accelerations of the mobile device, and to determine if the acceleration event was unintentional; a risk analysis subsystem configured to prepare a risk analysis of the mobile device based at least in part on the historical data of accelerations of the mobile device and the acceleration event; and a lockout subsystem configured to determine a first timeout time based at least in part on the historical data of accelerations of the mobile device and configured to determine an updated timeout time based at least in part on the acceleration event, the timeout time having a variable value based at least in part on the risk analysis of the mobile device.
 9. The mobile device locking system of claim 8, further comprising a location determining subsystem, the location determining subsystem providing a location to the risk analysis system.
 10. The mobile device locking system of claim 8, further comprising; memory for storing the historical data of accelerations.
 11. The mobile device locking system of claim 8, further comprising an indicator for showing a state of the first timeout time, second time out time, or risk analysis.
 12. The mobile device locking system of claim 8, wherein the risk analysis subsystem includes a communication module for receiving risk analysis information from a remote server.
 13. The mobile device locking system of claim 8, wherein the lockout subsystem includes a communication module for receiving a configuration from an administration server.
 14. One or more non-transitory computer-readable storage media having collectively stored thereon executable instructions that, when executed by one or more processors of a computer system, cause the computer system to at least: set a first timeout time based at least in part on compiled historical data of acceleration events; detect one or more acceleration events; determine that at least one of one or more acceleration events were unintentional; calculate a risk of theft based at least in part on the historical data of acceleration events and the one or more acceleration events; and set an updated timeout time based at least on the calculated risk of theft, the timeout times each set to a value from a range correlating at least in part with a risk of theft.
 15. The non-transitory computer readable media of claim 14, wherein the instructions further cause the computer system to at least: match the acceleration event to a prior acceleration event performed by a user; and reduce the calculated risk of theft based on the matching of the prior acceleration event.
 16. The non-transitory computer readable media of claim 14, wherein calculating a risk of theft includes sending acceleration event data to an external server system and receiving a message with the set timeout time.
 17. The non-transitory computer readable media of claim 14, wherein calculating a risk of theft further includes determining a location mobile device computer system and using the determined location in the calculation of the risk of theft.
 18. The non-transitory computer readable media of claim 14, wherein the instructions further cause the computer system to: classify the one or more acceleration events, the classification having an association with a risk of theft; and include the risk of theft associated with the one or more acceleration events in the risk of theft.
 19. The non-transitory computer readable media of claim 18, wherein classifying the acceleration event further includes determining that the one or more acceleration events is constrained to a plane or a rotation.
 20. The non-transitory computer readable media of claim 14, wherein instructions further cause the computer system to indicate on a display a current risk of theft. 